| PKI撤销机制OCSP风险脆弱性研究 |
| |
| 引用本文: | 张旭,张根度.PKI撤销机制OCSP风险脆弱性研究[J].计算机应用与软件,2008,25(11). |
| |
| 作者姓名: | 张旭 张根度 |
| |
| 作者单位: | 复旦大学计算机与信息技术系,上海,200433 |
| |
| 摘 要: | 通过公钥概念和技术实施的提供安全服务的PKI(Public Key Infrastructure)作为Internet安全解决方案得到了越来越多的应用.PKI的主要目的是通过管理密钥和证书,可以为用户建立起一个安全的网络运行环境,使用户可以在多种应用环境下方便地使用加密和数字签名技术,从而保证网上数据的机密性、完整性、有效性.证书撤销技术是制约PKI大规模发展的瓶颈之一,国内外对主流之一的OCSP(Online Certificate Status Protocol)撤销机制的风险研究却尚未开展起来.综合分析了OCSP机制的安全风险和防范措施,填补了在此领域的空白.
|
| 关 键 词: | 风险 |
RESEARCH ON THE VULNERABILITY OF PKI REVOCATION MECHANISM OCSP |
| |
| Zhang Xu,Zhang Gendu.RESEARCH ON THE VULNERABILITY OF PKI REVOCATION MECHANISM OCSP[J].Computer Applications and Software,2008,25(11). |
| |
| Authors: | Zhang Xu Zhang Gendu |
| |
| Affiliation: | Zhang Xu Zhang Gendu (Department of Computer , Information Technology,Fudan University,Shanghai 200433,China) |
| |
| Abstract: | Using public key concepts and techniques,PKI (Public Key Infrastructure),implemented for offering security services,as one of Internet security solutions gains more and more applications.The main purpose of PKI technology is to establish a secure network environ- ment for users by key and certificate management,they can conveniently use eneryption and digital signature technology in a variety of applica- tions conditions,thus ensure the confidentiality,integrity and effectiveness of online data.Certificate ... |
| |
| Keywords: | PKI OCSP |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
